Пакет firefox: Информация

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
- New release (119.0).
- Security fixes:
  + CVE-2023-5721: Queued up rendering could have allowed websites to clickjack
  + CVE-2023-5722: Cross-Origin size and header leakage
  + CVE-2023-5723: Invalid cookie characters could have led to unexpected errors
  + CVE-2023-5724: Large WebGL draw could have led to a crash
  + CVE-2023-5725: WebExtensions could open arbitrary URLs
  + CVE-2023-5726: Full screen notification obscured by file open dialog on macOS
  + CVE-2023-5727: Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows
  + CVE-2023-5728: Improper object tracking during GC in the JavaScript engine could have led to a crash.
  + CVE-2023-5729: Fullscreen notification dialog could have been obscured by WebAuthn prompts
  + CVE-2023-5730: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1
  + CVE-2023-5731: Memory safety bugs fixed in Firefox 119
- New release (118.0.2).
- Security fixes:
  + CVE-2023-5217: Heap buffer overflow in libvpx
- New release (118.0).
- Security fixes:
  + CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1
  + CVE-2023-5169: Out-of-bounds write in PathOps
  + CVE-2023-5170: Memory leak from a privileged process
  + CVE-2023-5171: Use-after-free in Ion Compiler
  + CVE-2023-5172: Memory Corruption in Ion Hints
  + CVE-2023-5173: Out-of-bounds write in HTTP Alternate Services
  + CVE-2023-5174: Double-free in process spawning on Windows
  + CVE-2023-5175: Use-after-free of ImageBitmap during process shutdown
  + CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3

Пакет firefox: Информация

Последнее изменение